Zeljka Zorz
State-sponsored actors may have abused Twitter API to de-anonymize users
A Twitter API that’s intended to help new account holders find people they may already know on Twitter has been abused by known and unknown actors to tie usernames to …
Wuhan coronavirus exploited to deliver malware, phishing, hoaxes
The Wuhan coronavirus continues to spread and create anxiety across the globe, allowing malicious individuals and groups to exploit the situation to spread fake news, malware …
Layering diverse defenses is crucial for stopping email attacks
Despite heading a company that provides a technological solution for stopping targeted email attacks, Evan Reiser, CEO of Abnormal Security, knows that technology is not the …
Make your own security key with Google’s OpenSK
Google has open-sourced OpenSK, firmware that, combined with an affordable chip dongle, allows you to make your own security key to use for authentication purposes. About …
Microsoft invites gamers and researchers to new Xbox bug bounty program
Gamers, security researchers, and technologists have been invited to identify security vulnerabilities in Xbox network and services and report them to Microsoft. Bounty …
UN hacked: Attackers got in via SharePoint vulnerability
In summer 2019, hackers broke into over 40 (and possibly more) UN servers in offices in Geneva and Vienna and downloaded “sensitive data that could have far-reaching …
Magento patches critical code execution vulnerabilities, upgrade ASAP!
Adobe-owned Magento has plugged multiple critical vulnerabilities in its eponymous content management system, the most severe of which could be exploited by attackers to …
Critical RCE flaw in OpenSMTPD, patch available
Qualys researchers have discovered a critical vulnerability (CVE-2020-7247) in OpenBSD’s OpenSMTPD mail server, which can allow attackers to execute arbitrary shell commands …
Most AV vendors will continue to support their products under Windows 7
Earlier this month, Windows 7 – the most beloved Windows version up to date – has reached end-of-support. Businesses of all sizes can still pay to receive extended …
MDhex vulnerabilities open GE Healthcare patient monitoring devices to attackers
Researchers have discovered six critical and high-risk vulnerabilities – collectively dubbed MDhex – affecting a number of patient monitoring devices manufactured …
IoC Scanner shows if Citrix appliances have been compromised via CVE-2019-19781
Citrix and FireEye have teamed up to provide sysadmins with an IoC scanner that shows whether a Citrix ADC, Gateway or SD-WAN WANOP appliance has been compromised via …
It’s time to patch your Cisco security solutions again
Cisco has released another batch of security updates and patches for a variety of its offerings, including many of its security solutions. Security fixes for security …
Featured news
Sponsored
Don't miss
- Grype: Open-source vulnerability scanner for container images, filesystems
- Signatures should become cloud security history
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks